<?#//v.3.1.1
#///////////////////////////////////////////////////////
#//  COPYRIGHT 2004 Phpauction.org ALL RIGHTS RESERVED//
#///////////////////////////////////////////////////////

require('../includes/config.inc.php');
include "loggedin.inc.php";

unset($ERR);

#//
if($_POST['action'] == "update" && phpa_securepost($_POST)) {
    #// Update database
	if (!PHP_4 )
	{
	  require_once './htmlpurifier/library/HTMLPurifier.auto.php';
	  $config = HTMLPurifier_Config::createDefault();
	  $config->set('Core', 'Encoding', 'ISO-8859-1');
	  $config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
	  $config->set('HTML', 'AllowedElements', 'div,a,em,blockquote,p,code,pre,table,font,tbody,td,tr,b,strong,u,ul,li,ol');
	  $purifier = new HTMLPurifier($config);
	}
	else
	{
	   require_once './class/phpauction_purify.php';
	   $purifier = new HTMLPurifier();
	   $purifier->allowed_tags(array("div","a","em","blockquote","p","code","pre","table","font","tbody","td","tr","b","strong","u","ul","li","ol" ));
	}



    $clean_html = $purifier->purify(stripslashes($_POST['errortext']));
    $_POST['errortext'] = $clean_html;
    $query = "update PHPAUCTIONXL_settings set
                  errortext='".$clean_html."',
                  errormail='".htmlentities($_POST['errormail'])."'";
    $res = @mysql_query($query);
    if(!$res) {
        print "Error: $query<BR>".mysql_error();
        exit;
    } else {
        $ERR = $MSG_413;
        $SETTINGS = $_POST;
    }
} else {
    #//
    $query = "SELECT * FROM PHPAUCTIONXL_settings";
    $res = @mysql_query($query);
    if(!$res) {
        print "Error: $query<BR>".mysql_error();
        exit;
    } elseif(mysql_num_rows($res) > 0) {
        $SETTINGS = mysql_fetch_array($res);
    }
}

#// Set sample error message in session vars for error page preview
$SESSION_ERROR = $ERR_119;
$_SESSION["SESSION_ERROR"]=$SESSION_ERROR;

?>
<HTML>
<HEAD>
<link rel='stylesheet' type='text/css' href='style.css' />
<STYLE TYPE="text/css">
body {
scrollbar-face-color: #aaaaaa;
scrollbar-shadow-color: #666666;
scrollbar-highlight-color: #aaaaaa;
scrollbar-3dlight-color: #dddddd;
scrollbar-darkshadow-color: #444444;
scrollbar-arrow-color: #ffffff;
}</STYLE>

<script type="text/javascript" src="../js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
tinyMCE.init({
	mode : "textareas",
	theme : "advanced",
	language: "en",
	plugins : "table",
	theme_advanced_buttons1 : "backcolor, forecolor, bold,italic,underline,separator,strikethrough,justifyleft,justifycenter,justifyright, justifyfull,bullist,numlist,undo,redo,link,unlink",
	theme_advanced_buttons2 : "fontselect, fontsizeselect",
	theme_advanced_buttons3 : "tablecontrols",
	theme_advanced_toolbar_location : "top",
	theme_advanced_toolbar_align : "left",
	force_br_newlines : "false",
	extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]"
});
</script>

<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>
<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#666666" alink="#000066" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
        <tr> 
          <td class="icono"><img src="images/settings_icon2.gif" width="30" height="29"></td>
          <td class="breadcrumbs"><p><span><?=$MSG_25_0007?></span>&nbsp;&gt;&gt;&nbsp;<?=$MSG_526?></p></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td align="center" valign="middle">&nbsp;</td>
  </tr>
    <tr> 
    <td align="center" valign="middle">

        <FORM NAME=conf ACTION=<?=basename($_SERVER['PHP_SELF'])?> METHOD=POST>
          <TABLE WIDTH="95%" BORDER="0" CELLSPACING="0" CELLPADDING="0" class="base" style="border:1px solid #ccc;">
            <TR>
              <TD ALIGN=CENTER class=title><p><? print $MSG_409; ?></p></TD>
            </TR>
            <TR>
              <TD>
              <TABLE WIDTH=100% ALIGN="CENTER" CELLPADDING=0 cellspacing="0">
                  <?
                  if(isset($ERR))
                  {
                  ?>
                  <TR>
                    <TD COLSPAN="2" class="error"><p><? print $ERR; ?> </p></TD>
                  </TR>
                  <?
                  }
                  ?>
                  <TR VALIGN="TOP">
                    <TD colspan="2"><p> <? print $MSG_410; ?> </p></TD>
                  </TR>
                  <TR VALIGN="TOP">
                    <TD WIDTH=134 HEIGHT="22"> <p class="blue"><? print $MSG_411; ?> </p></TD>
                    <TD WIDTH="350" HEIGHT="22">
                      <TEXTAREA NAME="errortext" COLS="55" ROWS="15"><?=$SETTINGS['errortext']?></TEXTAREA>                      </TD>
                  </TR>
                  <TR VALIGN="TOP">
                    <TD WIDTH=134 HEIGHT="22" class="gris"><p class="blue"> <? print $MSG_412; ?></p> </TD>
                    <TD WIDTH="350" HEIGHT="22" class="gris">
                      <INPUT TYPE="text" NAME="errormail" SIZE="55" VALUE="<?=$SETTINGS['errormail'];?>" MAXLENGTH="255">                      </TD>
                  </TR>
                 
                  <TR>
                    <TD WIDTH=134><INPUT TYPE="hidden" NAME="action" VALUE="update" /> <INPUT TYPE="hidden" NAME="security" VALUE="<?php echo $_SESSION['security'];?>" />
                      <INPUT TYPE="hidden" NAME="currency" VALUE="<?=$SETTINGS['currency']?>">                    </TD>
                    <TD WIDTH="350"><INPUT TYPE="submit" NAME="act" VALUE="<? print $MSG_530; ?>" class="action">                    </TD>
                  </TR>
                  <TR>
                    <TD WIDTH=134></TD>
                    <TD WIDTH="350"></TD>
                  </TR>
                </TABLE>
              </TD>
            </TR>
          </TABLE>
        </FORM>
    </TD>
  </TR>
</TABLE>
</BODY>
</HTML>
